AUSEARCH_ADD_REGEX(3)						  Linux Audit API					     AUSEARCH_ADD_REGEX(3)

ausearch_add_regex - use regular expression search rule SYNOPSIS
#include <auparse.h> int ausearch_add_regex(auparse_state_t *au, const char *expr); DESCRIPTION
ausearch_add_regex adds one search condition based on regular expressions to the audit search API. The search conditions can then be used to scan logs, files, or buffers for something of interest. You may not use this in combination with any other search expression. The regu- lar expression follows the posix regular expression conventions. The search results are at the record level and not the field. RETURN VALUE
Returns -1 if an error occurs; otherwise, 0 for success. SEE ALSO
ausearch_add_expression(3), ausearch_add_item(3), ausearch_clear(3), ausearch_next_event(3), regcomp(3). AUTHOR
Steve Grubb Red Hat Sept 2007 AUSEARCH_ADD_REGEX(3)

Featured Tech Videos